Table of Contents
What you will discover:
What consumer rights are protected by law?
Is the CCPA applicable to employee data?
As an employer, how do I comply with the CCPA?
The California Consumer Protection Act (CCPA) goes into effect on January 1, 2020, with enforcement commencing on July 1. This legislation will have an impact on firms that satisfy any of the following criteria:
1) The company’s yearly gross sales exceeds $25 million.
2) Each year, the company gets, sells, or exchanges personal information on over 50,000 CA customers, households, or devices.
3) The sale of customers’ personal information generates more than half of the company’s yearly income.
To be in compliance with the CCPA, one must first comprehend the meanings of the act’s words. Personal information is defined generally as any information that identifies, pertains to, or can be fairly attributed to a particular household or consumer. Personal information includes things like names, addresses, Social Security numbers, and so on.
What consumer rights are protected by law?
The CCPA gives customers various rights that, if used, will need some backend effort on the side of the firm. Consumers have the right to seek the following information from businesses: the particular information gathered about them, how the information will be used, whether third parties will have access to it, and the purpose of collecting that information. Within 45 days, businesses must respond to all verifiable requests.
Customers may also request that a company erase their personal information. Data deletion has limits, similar to the GDPR’s “Right to be Forgotten,” which include:
Legal compliance as well as other legal objectives
For the sake of security
The information is required to execute a transaction or provide a service requested by the consumer.
Is the CCPA applicable to employee data?
One of the most pressing concerns about the CCPA is whether it extends to employee data. As an interim remedy, Assembly Bill 25 (AB-25) was inserted as an amendment to the CCPA. The measure exempts companies from complying with the CCPA regarding employee and job application data when the information is utilized for human resource purposes until January 1, 2021. Employees will be granted the same privileges when the exemption period expires.
As an employer, how do I comply with the CCPA?
Because of the CCPA’s changes to consumer and employee data, you need update not just your consumer-facing privacy policy agreements, but also your internal employee privacy policies, which should be incorporated in your employee handbook. The CCPA employee policy applies to all California-based independent contractors and job candidates, not only full-time employees.
All of the following CCPA disclosures should be included in these policy updates:
Opting out of the selling of consumer data
Information categories and sources gathered in the previous 12 months
CA citizens’ new rights are described in detail.
How to Make a Data Removal Request
List of categories for all personal information supplied in the previous 12 months for the purpose of data collection
At first look, CCPA compliance may seem to be a difficult process since firms must comply not only for customers but also for their CA staff. Employers are fortunate in that the California law has provided a six-month grace period for CCPA consumer compliance and a year-long grace period for employee data. If you use the aforementioned suggestions and tactics and get a head start on redesigning your data collecting procedures, your company will be in excellent form for the new year.
